The most common use of network infrastructure is to facilitate legitimate communication between two parties across the network. Unfortunately, the same network infrastructure provides an opportunity for malicious communications.
Overview
The constant stream of Adobe Flash updates has always been a serious security headache. As a matter of fact, using our Domain Reputation System (DRS), we recently discovered hundreds of new core domains per day, each with different subdomains, which trick users into downloading and installing the latest Adobe Flash security patches. The total unique client count for all these names is hundreds of thousands, based on the global
By Daniel Franke, Infosec Researcher
Akamai is aware of the recently-disclosed "ROCA" vulnerability in cryptographic firmware used in products made by Infineon Technologies. A bug in the firmware's prime-search algorithm used for RSA key generation results in RSA keys that are relatively inexpensive to factor. The bug impacts Infineon Trusted Platform Modules (TPMs) as well as many smartcards and Hardware Security Modules (HSMs) that use Infineon chips but
Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.
In today's post we describe a new amplification attack we observed only a few days ago, and which we believe is a new phase in the evolution of DDoS attacks. Before getting into the details, let's start with a quick recap of what amplification attacks really are.
File-less malware is malware that exists exclusively as a computer memory-based artifact (i.e., in RAM). It doesn't write any of its activities to the hard drive, so it has no footprint in the file system. According to Carbon Black, this type of attack is on the rise: 97% of their customers were targeted by file-less malware in 2016. The reason for its proliferation? Quite simply, it works.
*Akamai would like to acknowledge the research by F5 containing additional information on the capabilities of this malware, released September 2nd.
Finding new features
The WireX botnet was discovered due to its role in a series of prolonged attacks against several organizations. It was brought to our attention, thanks to researchers at 360.cn, that some WireX samples found in the wild appeared to have additional UDP attack capabilities that weren't
Introduction
On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram of one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed to create DDoS traffic. The botnet is sometimes associated with ransom notes to targets.
One of my responsibilities as a member of the Akamai Security Intelligence Response Team (SIRT) is to research new web application vulnerabilities. For the last year, I have focused on WordPress plugin vulnerabilities, and looking for any interesting code tidbits in my box of WordPress toys. There are almost 50,000 WordPress plugins (at time of publication) and WordPress is the Content Management System (CMS) of choice for over 30 million